package com.voltmao.filter;

import org.springframework.stereotype.Component;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;


@Component("authorizationFilter")
public class AuthorizationFilter implements Filter {

	private static String ContentTypeJSON = "application/json;charset=UTF-8";

	//@Autowired

	@Override
	public void destroy() {

	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
						 FilterChain chain) throws IOException, ServletException {
		HttpServletRequest req = (HttpServletRequest) request;
		HttpSession session = req.getSession();
		String uri = req.getRequestURI();

		String sdataid = req.getHeader("sdataid");

		String udataid = req.getHeader("udataid");
		String category = req.getHeader("category");
		String token = req.getHeader("token");

		Map<String, String> headers = new HashMap<String, String>();
		headers.put("sdataid", sdataid);
		headers.put("udataid", udataid);
		headers.put("category", category);
		headers.put("token", token);

		String regex = "(/(\\w){1,}){0,2}/onlineuser/login.json";
		String regex1 = "(/(\\w){1,}){0,2}/onlineuser/view.json";

		List<String> uris = new LinkedList<String>();
		uris.add("school/ajaxlogin.json");
		uris.add("school/create.json");
		uris.add("onlineuser/login.json");
		uris.add("onlineuser/view.json");
		uris.add("student/studentsByClassidUserid.json");
		uris.add("student/scoreGroupByCourse.json");

		System.out.println(uri);
		boolean matches = false;
		for (String uri0 : uris) {
			if (uri.matches(String.format("(/(\\w){1,}){0,2}/%s", uri0))) {
				matches = true;
				break;
			}
		}

		//TODO 暂时关闭过滤器
		matches = true;

		if (!matches) {


			if (sdataid == null || sdataid.length() == 0) {
				response.setContentType(ContentTypeJSON);
				response.getWriter().write("{\"errmsg\":\"Access is denied.\", \"errcode\":-2}");
				response.getWriter().flush();
				return;
			}

			if (udataid == null || udataid.length() == 0) {
				response.setContentType(ContentTypeJSON);
				response.getWriter().write("{\"errmsg\":\"Access is denied.\", \"errcode\":-2}");
				response.getWriter().flush();
				return;
			}

			if (token == null || token.length() == 0) {
				response.setContentType(ContentTypeJSON);
				response.getWriter().write("{\"errmsg\":\"Authorization failed.\", \"errcode\":-1}");
				response.getWriter().flush();
				return;
			}
			matches = false;
//			for(ITSRoleResources resource : resources){
//				String reg  = String.format("(/(\\w){1,}){0,2}%s", resource.getUrl());
//				if(uri.matches(reg)){
//					matches=true;
//					break;
//				}
//			}
			matches = true;
			if (!matches) {
				response.setContentType(ContentTypeJSON);
				response.getWriter().write("{\"errmsg\":\"Access is denied.\", \"state\":-2}");
				response.getWriter().flush();
				return;
			}
		}

		chain.doFilter(request, response);
	}

	@Override
	public void init(FilterConfig cfg) throws ServletException {

	}

}
